Blog moved to http://karteek.selfdabba.com

Thursday, August 23, 2007

Alice, Bob and Lahycxpajyqh

Wondering what's that L.. word in the title ? You guys are supposed to use Google search engine once in a while.

...

...

Okay, okay. You really don't want to search now and find what the hell is that. What if I give you a couple of hints ?

  1. Julius Caesar was a great Roman political leader.
  2. Julius Caesar was one of The Nine Worthies

Still no idea what's happening here ? Great. That's what this science was developed. This science is considered to be a branch of Mathematics and Computer Science and it is called Cryptography

The Hints were Caesar and Nine. The Crypto I used is Caesar Shift and the shift magnitude is 9. That converts  "Cryptography" into "Lahycxpajyqh". Caesar shift is one of the simplest and most widely known encryption techniques.

Now, coming to Alice and Bob. Those names are first used by Ron Rivest while presenting one of the most famous encryption algorithms RSA. Well, about RSA, its an encryption algorithm which uses two big Prime Numbers to encrypt as well as decrypt data. The bigger the primes the more secure it is against attacks.

All crap apart. Coming to daily life usage of encryption and decryption. You guys might be sending some mails. Some of them would be very personal. You might be knowing that mails go thru several servers and some server admin can just read your mail. How do you make sure that your mails are read only by the person who is intended to read it ? Well, The process is easy but it has to be mutual. Both the sender and reader must know about the process.

What's the best/easiest method of doing this ? (a.k.a method I use)

  • Download GPG (GNU Privacy Guard)
  • If you are scared of command-line then GPG4Win would be a better option
  • Create a new keypair
    • Private Key for yourself
    • Public Key for everyone else
  • Generate a revocation certificate for your public key (If you forget your password or if your private key is lost, this certificate is used to tell people that your public key is no longer been used. It can also be used to verify your signature)
  • Give your public key to people who mail you (so that they can encrypt their mails)
  • Use your private key to decrypt the encrypted messages.
  • You can also use your private key to sign your messages and readers can verify that the message is sent by you.

With all those GUIs and plugins for the browser (FF) which are available, the entire process is made so simple. Just right now, I'm not doing anything of very high confidentiality and I really don't want others to think that I'm paranoid about security by forcing them to verify my signature or encrypt their mails.

PS: If you are sending a love letter, I know that you really don't want any one else to read your email .. even then, DO NOT ENCRYPT the mail even if you find girl's public key in a key server. Not every girl is Alice to prefer decrypt a mail before reading it ;)

BTW, a public key server is a server where people upload/publish their Public Keys.

0 responses:

 


Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.

I'm not a lawyer to tell this in a perfect framed sentence. Frame it by yourself if you are so concerned.
Dont think about the content of this blog. Every byte is owned by its rightful owner.
Rest © 2006-2007 Karteek